[英]SSLHandshakeException: PKIX path building failed with Unable to find certificate chain
I am trying to Connect SSRS ReportServer with HTTPS Protocol from Java Client it's giving javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: java.security.cert.CertPathBuilderException: Unable to find certificate chain But I have added the certificate in Java Keystore, It the keystore the certificate is showing with the defined alias name. 我正在尝试通过Java Client从HTTPS协议连接SSRS ReportServer和HTTPS协议,从而使javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException:PKIX路径构建失败:java.security.cert.CertPathBuilderException:无法找到证书链,但是我已经在Java密钥库中添加了证书,使用定义的别名显示了证书所显示的密钥库。 But Same SSRS Request call is working with HTTP Protocol.
但是Same SSSS Request调用正在使用HTTP协议。 Note: We are using a wildcard certificate from Go-Daddy for secure communication
注意:我们使用Go-Daddy的通配符证书进行安全通信
When you got your certificate, there should have been a p7b (possibly) included with it. 当您获得证书时,它应该包含一个p7b(可能)。
Essentially, when GoDaddy issues a certificate, they are not issued from the root directly. 本质上,当GoDaddy颁发证书时,它们不是直接从根颁发的。
Most likely you have one issued from an intermediate authority. 您最有可能是由中间机构发行的。
You can get the intermediate certificates at https://ssl-ccp.godaddy.com/repository?origin=CALLISTO 您可以通过https://ssl-ccp.godaddy.com/repository?origin=CALLISTO获得中间证书
The certificate chain needs to be appended to the actual certificate and imported on the server . 证书链需要附加到实际证书中,并导入到服务器上 。
The PEM file containing the cert being imported should look like: 包含要导入的证书的PEM文件应如下所示:
<actual certificate>
<intermediate certificate>
[<intermediate certificate> ...]
After that you shouldn't have a need to do anything else on the client. 之后,您无需在客户端上执行任何其他操作。
EDIT 编辑
After re-reading my answer, I realized there may be a little bit of vagueness with regard to the process. 重新阅读我的答案后,我意识到该过程可能有些含糊。 So in efforts to bring this more full cycle here we go.
因此,在努力使这个更完整的周期在这里,我们走了。
Can you verify that the certificate is added to 'Java Truststore' and not Keystore (although both have .jks extension). 您是否可以验证证书已添加到“ Java Truststore”而不是Keystore中(尽管两者都具有.jks扩展名)。 Have a look at this https://docs.oracle.com/cd/E19830-01/819-4712/ablqw/index.html
看看这个https://docs.oracle.com/cd/E19830-01/819-4712/ablqw/index.html
Keystore file, keystore.jks, contains the Application Server's certificate, including its private key
密钥库文件keystore.jks包含应用服务器的证书,包括其私钥
Truststore file, cacerts.jks, contains the Application Server's trusted certificates
信任库文件cacerts.jks,包含应用程序服务器的信任证书
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.